From: Tony Johansson on
Hello!

I do some exercise from a book which work if I run from VisualStudo(VS)
but doesn't work when run from IIS.
This exercise will use forms authentication

Here is some background information:
I use windows XP pro with a Sql Server express 2005 database.
I have also Sql Server Management Studio Express
I use VisualStudio 2005

Here is what I have done
*******************
I have created a file system web site named Northwind that is using
Development Web server.
In this web site I have created the following files.
A LoginForms.aspx and LoginForm.aspx.cs with one Login control from the
Login category from the toolbox..
A CustomerData.aspx and CustomerData.aspx.cs with one label with some text
saying "this form will be implemented later".

Here is all the property that I have set for the Login control
*********************************************
DisplayRememberMe is set to False
TitleText is set to Northwind Traders-Inloggning
DestinationPageUrl is set to ~/CustomerData.aspx

Here is how I implement forms authentication
**********************************
To implement forms authentication I use ASP.NET Web Site Administration Tool
that is located in a meny to the right
just above the solution explorer.
Click on Security in the ASP.NET Web Site Administration Tool .
Select authentication type and choose from the Internet.
Click on Create users and chose these values
Username: John
Password: Pa$$w9rd
Confirm Password: Pa$$w9rd
E-post: Some valid E-post format
Security question: My best animal
Answer on security question: Cat
Click on create user

Now click on Create access rules.
Select Nortwind in the section choose catalog for this rule.
Choose John as the user and select allow under section permission
Click on OK
Now click on Create access rules a second time
Select Nortwind in the section choose catalog for this rule
Select anynymous user and select deny as permission.
Click OK
Now you can close the ASP.NET Web Site Administration Tool because you have
done all the setting in this tool.

Now you can click on refresh in solution explorer so two new files is
displayed one in the folder App_Data
with the name ASPNETDB.MDF and web.config in the project root catalog.


Now EDIT the Web.config so the look is like this
**************************************
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.web>
<authorization>
<allow users="John" />
<deny users="?" />
</authorization>
<authentication mode="Forms">
<forms loginUrl="LoginForm.aspx" timeout="5"
cookieless="AutoDetect" protection="All" />
</authentication>
</system.web>
</configuration>

I can now test the web application
If I write invalid username or password a message inform me that you have
entered invalid username or password
If I write John as the Username and Pa$$w9rd as the Password the
CustomerData form is displayed with it's label
saying that this form will be implemanted later.

So If I run the web application from visual studio I works fine.

If I now start Internet explorer and enter this url
http://localhost/Northwind/customerdata.aspx
in the bowser I get the Login control and enter John as the Username and
Pa$$w9rd as the Password and
then I get this kind of error. See some rows below on the whole stack error
trace.
So as a summary if I run the appliaction from VisualStudio it works fine but
if
I run the appliaction from IIS it causes error Login failed for user
'HEMPC\ASPNET'

I can use Sql Server Management Studio Express to attach to the database
located at F:\NORTHWIND\APP_DATA\ASPNETDB.MDF.

As an attempt to solve the problem I tried the following
First I attached the following file F:\NORTHWIND\APP_DATA\ASPNETDB.MDF
using Sql Server Management Studio Express
Then it seems to me that IIS doesn't like ASPNET so I create a query like
this
use "F:\NORTHWIND\APP_DATA\ASPNETDB.MDF"
create user [HEMPC\ASPNET] for login [HEMPC\ASPNET]
grant select to [HEMPC\ASPNET]
grant insert to [HEMPC\ASPNET]
grant delete to [HEMPC\ASPNET]

When I now run from VisualStudio I get this error
Cannot open user default database. Login failed.
Login failed for user 'HEMPC\Tony'

When I run from IIS I get the same error as before.
So doing this kind of action wasn't any success.

Have anyone some suggestion what I can do to fix this problem ?



Servererror in the applicationprogram /Northwind.
--------------------------------------------------------------------------------

Login failed for user 'HEMPC\ASPNET'.
Description: One exception which couldn't be handled occured when the
current webbrequest was run. More information
about the error and where in the code it occured can be found in the
stacktrace.

Exceptioninformation: System.Data.SqlClient.SqlException: Login failed for
user 'HEMPC\ASPNET'.

SourceError:

One exception which didn't handled was generated by the current web request.
Information about the origin for exception and
place can be identified with the stacktrace below.

StackTrace:

[SqlException (0x80131904): Login failed for user 'HEMPC\ASPNET'.]
System.Data.SqlClient.SqlInternalConnection.OnError(SqlException
exception, Boolean breakConnection) +4846887
System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject
stateObj) +194
System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand
cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet
bulkCopyHandler, TdsParserStateObject stateObj) +2392
System.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean
enlistOK) +35
System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo
serverInfo, String newPassword, Boolean ignoreSniOpenTimeout, Int64
timerExpire, SqlConnection owningObject) +144
System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(String
host, String newPassword, Boolean redirectedUserInstance, SqlConnection
owningObject, SqlConnectionString connectionOptions, Int64 timerStart) +342
System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(SqlConnection
owningObject, SqlConnectionString connectionOptions, String newPassword,
Boolean redirectedUserInstance) +221
System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity
identity, SqlConnectionString connectionOptions, Object providerInfo, String
newPassword, SqlConnection owningObject, Boolean redirectedUserInstance)
+189
System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions
options, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection
owningConnection) +4861315
System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnection
owningConnection, DbConnectionPool pool, DbConnectionOptions options) +31
System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnection
owningObject) +433
System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnection
owningObject) +66
System.Data.ProviderBase.DbConnectionPool.GetConnection(DbConnection
owningObject) +499
System.Data.ProviderBase.DbConnectionFactory.GetConnection(DbConnection
owningConnection) +65
System.Data.ProviderBase.DbConnectionClosed.OpenConnection(DbConnection
outerConnection, DbConnectionFactory connectionFactory) +117
System.Data.SqlClient.SqlConnection.Open() +122
System.Web.DataAccess.SqlConnectionHolder.Open(HttpContext context,
Boolean revertImpersonate) +87
System.Web.DataAccess.SqlConnectionHelper.GetConnection(String
connectionString, Boolean revertImpersonation) +221
System.Web.Security.SqlMembershipProvider.GetPasswordWithFormat(String
username, Boolean updateLastLoginActivityDate, Int32& status, String&
password, Int32& passwordFormat, String& passwordSalt, Int32&
failedPasswordAttemptCount, Int32& failedPasswordAnswerAttemptCount,
Boolean& isApproved, DateTime& lastLoginDate, DateTime& lastActivityDate)
+815
System.Web.Security.SqlMembershipProvider.CheckPassword(String username,
String password, Boolean updateLastLoginActivityDate, Boolean
failIfNotApproved, String& salt, Int32& passwordFormat) +105
System.Web.Security.SqlMembershipProvider.CheckPassword(String username,
String password, Boolean updateLastLoginActivityDate, Boolean
failIfNotApproved) +42
System.Web.Security.SqlMembershipProvider.ValidateUser(String username,
String password) +78
System.Web.UI.WebControls.Login.AuthenticateUsingMembershipProvider(AuthenticateEventArgs
e) +60
System.Web.UI.WebControls.Login.OnAuthenticate(AuthenticateEventArgs e)
+119
System.Web.UI.WebControls.Login.AttemptLogin() +115
System.Web.UI.WebControls.Login.OnBubbleEvent(Object source, EventArgs e)
+101
System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args) +37
System.Web.UI.WebControls.Button.OnCommand(CommandEventArgs e) +118
System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)
+166
System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String
eventArgument) +10
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler
sourceControl, String eventArgument) +13
System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +36
System.Web.UI.Page.ProcessRequestMain(Boolean
includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1565


//Tony